summaryrefslogblamecommitdiffstats
path: root/net-im/loudmouth/files/patch-loudmouth_lm-ssl-gnutls.c
blob: 5a202430c68483c3bca1d85a6642e3ce0de9df65 (plain) (tree) 
e14b21f2d




























1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28




























                                                                                                                              
--- loudmouth/lm-ssl-gnutls.c.orig  2010-04-17 15:56:39.000000000 -0400
+++ loudmouth/lm-ssl-gnutls.c   2010-04-17 15:56:43.000000000 -0400
@@ -32,7 +32,7 @@
 
 #include <gnutls/x509.h>
 
-#define CA_PEM_FILE "/etc/ssl/certs/ca-certificates.crt"
+#define CA_PEM_FILE "%%LOCALBASE%%/share/certs/ca-root-nss.crt"
 
 struct _LmSSL {
    LmSSLBase base;
@@ -200,6 +200,7 @@ _lm_ssl_begin (LmSSL *ssl, gint fd, cons
        { GNUTLS_CRT_X509, GNUTLS_CRT_OPENPGP, 0 };
    const int compression_priority[] =
        { GNUTLS_COMP_DEFLATE, GNUTLS_COMP_NULL, 0 };
+   gnutls_priority_t priorities_cache;
 
    gnutls_init (&ssl->gnutls_session, GNUTLS_CLIENT);
    gnutls_set_default_priority (ssl->gnutls_session);
@@ -213,6 +214,8 @@ _lm_ssl_begin (LmSSL *ssl, gint fd, cons
 
    gnutls_transport_set_ptr (ssl->gnutls_session,
                  (gnutls_transport_ptr_t)(glong) fd);
+   gnutls_priority_init (&priorities_cache, "NONE:+VERS-TLS1.0:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL:NORMAL:%COMPAT", NULL);
+   gnutls_priority_set (ssl->gnutls_session, priorities_cache);
 
    ret = gnutls_handshake (ssl->gnutls_session);
generated by cgit v1.2.3 (git 2.25.1) at 2025-02-16 11:31:39 +0800